summaryrefslogtreecommitdiffstats
path: root/java/sca/modules/host-tomcat/src
diff options
context:
space:
mode:
authorrfeng <rfeng@13f79535-47bb-0310-9956-ffa450edef68>2008-08-09 06:11:54 +0000
committerrfeng <rfeng@13f79535-47bb-0310-9956-ffa450edef68>2008-08-09 06:11:54 +0000
commita49037c45192b749c045cbd27798f146192fa8d5 (patch)
tree84744e23c21bdf1312b3200ef270681c9a479c49 /java/sca/modules/host-tomcat/src
parentf30981d7dab6a6f9992bfd512b835cada3fa2d7f (diff)
Enable the https support for embedded tomcat and jetty with unit tests
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@684186 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java/sca/modules/host-tomcat/src')
-rw-r--r--java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java66
-rw-r--r--java/sca/modules/host-tomcat/src/test/java/org/apache/tuscany/sca/http/tomcat/TomcatServerTestCase.java44
-rw-r--r--java/sca/modules/host-tomcat/src/test/resources/tuscany.keyStorebin0 -> 1265 bytes
3 files changed, 91 insertions, 19 deletions
diff --git a/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java b/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java
index 9b28729231..5ea1701c05 100644
--- a/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java
+++ b/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java
@@ -25,6 +25,7 @@ import java.net.URI;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessController;
+import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
@@ -217,7 +218,7 @@ public class TomcatServer implements ServletHost {
if (scheme == null) {
scheme = "http";
}
- final int portNumber = (uri.getPort() == -1 ? defaultPortNumber : uri.getPort() );
+ final int portNumber = (uri.getPort() == -1 ? defaultPortNumber : uri.getPort());
// Get the port object associated with the given port number
Port port = ports.get(portNumber);
@@ -226,13 +227,12 @@ public class TomcatServer implements ServletHost {
// Create an engine
// Allow privileged access to read properties. Requires PropertiesPermission read in
// security policy.
- final StandardEngine engine =
- AccessController.doPrivileged(new PrivilegedAction<StandardEngine>() {
+ final StandardEngine engine = AccessController.doPrivileged(new PrivilegedAction<StandardEngine>() {
public StandardEngine run() {
return new StandardEngine();
}
});
-
+
engine.setBaseDir("");
engine.setDefaultHost("localhost");
engine.setName("engine/" + portNumber);
@@ -265,7 +265,7 @@ public class TomcatServer implements ServletHost {
// Allow privileged access to read properties. Requires PropertiesPermission read in
// security policy.
try {
- AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
public Object run() throws LifecycleException {
engine.start();
return null;
@@ -274,20 +274,52 @@ public class TomcatServer implements ServletHost {
} catch (PrivilegedActionException e) {
// throw (LifecycleException)e.getException();
throw new ServletMappingException(e);
- }
+ }
Connector connector;
// Allow privileged access to read properties. Requires PropertiesPermission read in
// security policy.
try {
+ final String protocol = scheme;
connector = AccessController.doPrivileged(new PrivilegedExceptionAction<CustomConnector>() {
public CustomConnector run() throws Exception {
- CustomConnector customConnector = new CustomConnector();
- customConnector.setPort(portNumber);
- customConnector.setContainer(engine);
- customConnector.initialize();
- customConnector.start();
- return customConnector;
- }
+ CustomConnector customConnector = new CustomConnector();
+ customConnector.setPort(portNumber);
+ customConnector.setContainer(engine);
+
+ if ("https".equalsIgnoreCase(protocol)) {
+ configureSSL(customConnector);
+ ((Http11Protocol) customConnector.getProtocolHandler()).setSSLEnabled(true);
+ }
+ customConnector.initialize();
+ customConnector.start();
+ return customConnector;
+ }
+
+ private void configureSSL(CustomConnector customConnector) {
+ String trustStore = System.getProperty("javax.net.ssl.trustStore");
+ String trustStorePass = System.getProperty("javax.net.ssl.trustStorePassword");
+ String keyStore = System.getProperty("javax.net.ssl.keyStore");
+ String keyStorePass = System.getProperty("javax.net.ssl.keyStorePassword");
+
+ customConnector.setProperty("protocol", "TLS");
+
+ customConnector.setProperty("keystore", keyStore);
+ customConnector.setProperty("keypass", keyStorePass);
+ String keyStoreType =
+ System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
+ String trustStoreType =
+ System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
+ customConnector.setProperty("keytype", keyStoreType);
+ customConnector.setProperty("trusttype", trustStoreType);
+ customConnector.setProperty("truststore", trustStore);
+ customConnector.setProperty("trustpass", trustStorePass);
+
+ customConnector.setProperty("clientauth", "false");
+ customConnector.setProtocol("HTTP/1.1");
+ customConnector.setScheme(protocol);
+ customConnector.setProperty("backlog", "10");
+ customConnector.setSecure(true);
+ }
});
} catch (Exception e) {
throw new ServletMappingException(e);
@@ -512,12 +544,12 @@ public class TomcatServer implements ServletHost {
} catch (Exception ex) {
// Hack to handle destruction of Servlets without Servlet context
}
-
+
logger.info("Removed Servlet mapping: " + suri);
-
+
// Stop the port if there's no servlets on it anymore
String[] contextNames = port.getConnector().getMapper().getContextNames();
- if (contextNames == null || contextNames.length ==0) {
+ if (contextNames == null || contextNames.length == 0) {
try {
port.getConnector().stop();
port.getEngine().stop();
@@ -526,7 +558,7 @@ public class TomcatServer implements ServletHost {
throw new IllegalStateException(e);
}
}
-
+
return servletWrapper.getServlet();
} else {
logger.warning("Trying to Remove servlet mapping: " + mapping + " where mapping is not registered");
diff --git a/java/sca/modules/host-tomcat/src/test/java/org/apache/tuscany/sca/http/tomcat/TomcatServerTestCase.java b/java/sca/modules/host-tomcat/src/test/java/org/apache/tuscany/sca/http/tomcat/TomcatServerTestCase.java
index 7ca5325ccb..afbec52cd9 100644
--- a/java/sca/modules/host-tomcat/src/test/java/org/apache/tuscany/sca/http/tomcat/TomcatServerTestCase.java
+++ b/java/sca/modules/host-tomcat/src/test/java/org/apache/tuscany/sca/http/tomcat/TomcatServerTestCase.java
@@ -20,10 +20,15 @@ package org.apache.tuscany.sca.http.tomcat;
import java.io.BufferedReader;
import java.io.IOException;
+import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.Socket;
+import java.net.URL;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -91,7 +96,38 @@ public class TomcatServerTestCase extends TestCase {
service.stop();
assertTrue(servlet.invoked);
}
+
+ /**
+ * Verifies requests are properly routed according to the Servlet mapping
+ */
+ public void testRegisterServletMappingSSL() throws Exception {
+ System.setProperty("javax.net.ssl.keyStore", "target/test-classes/tuscany.keyStore");
+ System.setProperty("javax.net.ssl.keyStorePassword", "apache");
+ TomcatServer service = new TomcatServer(workScheduler);
+ TestServlet servlet = new TestServlet();
+ try {
+ service.addServletMapping("https://127.0.0.1:" + HTTP_PORT + "/foo", servlet);
+ } finally {
+ System.clearProperty("javax.net.ssl.keyStore");
+ System.clearProperty("javax.net.ssl.keyStorePassword");
+ }
+ System.setProperty("javax.net.ssl.trustStore", "target/test-classes/tuscany.keyStore");
+ System.setProperty("javax.net.ssl.trustStorePassword", "apache");
+ URL url = new URL("https://127.0.0.1:8085/foo");
+ HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
+ conn.setHostnameVerifier(new HostnameVerifier() {
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }}
+ );
+ conn.connect();
+ read(conn.getInputStream());
+
+ service.stop();
+ assertTrue(servlet.invoked);
+
+ }
/**
* Verifies that Servlets can be registered with multiple ports
*/
@@ -244,9 +280,14 @@ public class TomcatServerTestCase extends TestCase {
}
private static String read(Socket socket) throws IOException {
+ InputStream is = socket.getInputStream();
+ return read(is);
+ }
+
+ private static String read(InputStream is) throws IOException {
BufferedReader reader = null;
try {
- reader = new BufferedReader(new InputStreamReader(socket.getInputStream()));
+ reader = new BufferedReader(new InputStreamReader(is));
StringBuffer sb = new StringBuffer();
String str;
while ((str = reader.readLine()) != null) {
@@ -259,7 +300,6 @@ public class TomcatServerTestCase extends TestCase {
}
}
}
-
private class TestServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
boolean invoked;
diff --git a/java/sca/modules/host-tomcat/src/test/resources/tuscany.keyStore b/java/sca/modules/host-tomcat/src/test/resources/tuscany.keyStore
new file mode 100644
index 0000000000..7ea23f7ff4
--- /dev/null
+++ b/java/sca/modules/host-tomcat/src/test/resources/tuscany.keyStore
Binary files differ